Need help with an object-group on PIX 506

Unanswered Question

I need to group the following ports for a VoIP device.

514 UDP

1194 UDP

3480 UDP

49000-50000 UDP

443 TCP

I obviously don't want to make 1000+ entries in the PIX config, and I'm a tad confused on the object-group and then how to apply it.

Single IP, translated from the interface to 192.168.1.5. What commands will I need? Thanks so much for any help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vikram_anumukonda Tue, 03/03/2009 - 04:20

object-group service VOIP_TCP tcp

port-object eq 443

!

object-gropu service VOIP_UDP udp

port-object eq 514

port-object eq 1194

port-object eq 3480

port-object range 49000 50000

!

access-list TESTACL permit tcp any any object-group VOIP_TCP

access-list TESTACL permit udp any any object-group VOIP_UDP

!

is this what you are looking for ?

Actions

This Discussion